Re: Avoid not authenticated forged mail

[Carlos Acedo <carlos@pangea.org>]

On 22/12/09 16:14, Thomas Goirand wrote:
> Yves Junqueira wrote:
>    
> > 2009/12/22 Carlos Acedo<carlos@pangea.org>
> >      
> > > Hi,
> > >
> > > Once in a while I receive spam "from my own" mail address, many users send mails to themselfs, so what I would like is to allow only authenticated mail to be able to send mails to themselfs. Is that possible?
> > >        
> > Yes. You probably need a mix of strict SPF records in your domain,
> > employ SPF checking in your MTA and accept authenticated only SMTP
> > deliveries.
> >
> > This has the positive side effect of other mail systems being able to
> > use these SPF records to check if they people are pretending to be
> > you.
> >
> > When using SPF, it's also a good idea to use DKIM too.
> >      
> I do agree that DKIM would solve this issue nicely. Since we implemented
> it, this kind of issue are gone. If I may suggest you, you can use
> dkimproxy 1.2 that I maintain and that has just been uploaded to SID (it
> also works for Lenny out of the box without the need to backport as its
> arch indep.).
>
> Thomas
>
>
>    
Thank you for your replies, I was considering DKIM, but I was afraid of 
the overhead, but I think it's worth after all. I will also take a look 
to the SPF records as well.

Regards.



--
Carlos.